What critical factors should organizations consider before taking the step of paying extortionists a ransom in hopes of regaining access to systems or avoiding the release of data in the wake of a ransomware attack? Former FBI special agent Vincent D'Agostino provides guidance.

The latest edition of the ISMG Security Report features an analysis of why the FireEye breach is a wake-up call for the cybersecurity industry. Also featured: Monero cryptocurrency scams; key considerations for cloud security.

This edition of the ISMG Security Report features an analysis of a serious Apple iOS "zero-click exploit" that could have allowed hackers to remotely gain complete control of a device. Also featured: a discussion of identity proofing challenges and a review of New Zealand's updated Privacy Act.

The latest edition of the ISMG Security Report features an analysis of how cybercriminals are ditching banking Trojans in favor of ransomware attacks. Also featured: Defending against deep fakes; supporting a dispersed workforce.

What are the critical components of a strong enterprise cyber risk management program for healthcare entities? Bob Chaput, founder of security and privacy consulting firm Clearwater, outlines key factors in an interview about his new book on the topic.

Companies should establish clear policies for how employees can report signs of accounts payable fraud, says Peter Goldmann, president of FraudAware, which provides antifraud training.

This edition of the ISMG Security Report features a discussion with Christopher Krebs, the recently fired director of the Cybersecurity Infrastructure Security Agency, on his accomplishments at the agency. Also featured are updates on ransomware gangs recruiting affiliates and healthcare supply chain risks.

Organizations need to build security into their cloud environments to help thwart cyberthreats, says Tom Corn of VMware, who describes this "intrinsic security" approach.

With the escalation of cyberattacks on the healthcare sector during the COVID-19 pandemic, supply chain partners need to strengthen their security controls and defenses, say Vishwas Gadgil of pharmaceutical firm Merck and Ed Gaudet of the consultancy Censinet. They describe updated guidance on the subject.

"Better, cheaper, faster." These are the results that banking institutions can receive by shifting security to the cloud, says David Vergara of OneSpan. At a time when multi-channel fraud is surging and the customer experience is paramount, cloud needs serious consideration, he says.